d75e493e422fe50e0ee5fbc16c6eaacd2b646565f0c2f24a3c317e0f3ac5ced9

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
13/09/2024, 15:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de76e8499d2ea9cd3276b66e19b7aa59_JaffaCakes118.html
Size

46KB
MD5

de76e8499d2ea9cd3276b66e19b7aa59
SHA1

24720897b35f1a27ffdbfff0dc1089a255a27b83
SHA256

d75e493e422fe50e0ee5fbc16c6eaacd2b646565f0c2f24a3c317e0f3ac5ced9
SHA512

f51e00bca1e54c9207f6e131bd2bf19dd3e15d79a4be4d0b2718de7d2b31eab596a38723827ceadb5d8967668839f2fa1fb4f2955412c406e2e2c81272554ab8
SSDEEP

768:v/vneuu03pSmwwNb6axuxSLUV/2xHnwMZnO:v/vRSIsa7LUV2xHnllO

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 26 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432404950"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F4A69561-71E8-11EF-BCE0-DECC44E0FF92} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1506706701-1246725540-2219210854-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2172	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2172	iexplore.exe
2172	iexplore.exe
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE
3020	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2172 wrote to memory of 3020	2172	iexplore.exe	30
PID 2172 wrote to memory of 3020	2172	iexplore.exe	30
PID 2172 wrote to memory of 3020	2172	iexplore.exe	30
PID 2172 wrote to memory of 3020	2172	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de76e8499d2ea9cd3276b66e19b7aa59_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2172
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:3020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
24dc039824fc60e8ad2e8f37aceed45b

SHA1
d17922ad498197ebbca2a97217310962dd101a31

SHA256
55bd033fa8701348db114571a46260227d67fe543cae511eaf9e5c5efeac6064

SHA512
4ba169617449b7bf1e6e24096dd0c00aa01f4704aaa0341cb43e802b3da0e1aae7ba9bb8aaeca053dc82ed66da532be2f948492fcec864a64de85c0938959eef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
224282b3fc14c02710256290a100432f

SHA1
501bcea25a6df6212b8eeec128570f2594cf9d0e

SHA256
11bb539317c7c789a3c4d55cd46f26a25531272012b8af728db91b9fd9ad1d2b

SHA512
4ef8fb5ac367485594d343ff227a18ce3abcf1e08fffbd1781cdf767a6cf21077b533a45b79e59de59f0b51fa142be6aa15461449d3a5677c9b26279ad79f2cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f25f136332f85130cf698439488cb509

SHA1
426e2bc28c0c709cfbbacacd43915827acc64abf

SHA256
4207a7a99767cc535f01f9f519728cdd509c1116494f3e57e2054ef504689cec

SHA512
76c1791e43583b906bc265245cf44c2ffd5a31c674037844e509358788fb715f415da174c219be1e481ce352411ef0387d4b60429258706908d88aa3d790bff0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d45f2a90beb750020a3a73f191e6e981

SHA1
4e12b4deb7342b3254330aaccf8784af9c24bfa6

SHA256
e9633d6d2454d17727404d29a0a1cb22e20077065c55d4c29f95531d6b1a8fc7

SHA512
9703f14aaedc5abf44868ec7386e441ab20dc94e3e1f2534d574ead21ffdc1515d5a49d11c7aef7ca845a135447407d539c597ab2b6dae822c62b3fc492c46da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa34913cb89eca70d890241c06596883

SHA1
5649248ddab14d05327cc59467648609711ef653

SHA256
2b9aa25aa5dd2f668336d616793ef7a8d50aed490b599227a83fe457f8f7a54a

SHA512
36950c7a3e4669ff17a925b2704da1730e74f9f1a1b0951aedd4500a4a82655199678b0d062f406a8813b48da9492f7a0855399a0bd169c029353c171a790593

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1386023b2fa382df918ee351a6ac5f53

SHA1
ff0419835f2d56213f9d5d1391c51904235468b5

SHA256
b30ae1412b6d2d75fc320d3e955ce22c5474e850f93d271ed808ad8d7d26a46e

SHA512
c1285103553be0ceb9f7bbc4c5046ccc8631747c2fd0b891b04fe2335461b3e00353a19436ebc35b81aeeb3c10048811f798f5fe9ca67a3cb4377591a4d159e0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
285f162833a5267050361c6951f5d468

SHA1
d4d35c24d65db204cbb3ea4e65f7d312ee93a1cb

SHA256
01de5041ad22e37e7c985e2c343b2b9b040a22db7fbae4ae3c905fa31d4ce0ab

SHA512
91910b174c40240e0ce4c866be4d6a741857e40ef3dad6ad3aaa03d4a6209561d7624c4bf57b31d372be67f459bee9bfe688e577a98c484e520d9d26f840b724

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
71065c1166c094efe67db459fa7dd58e

SHA1
29a87d163c3dcfb278e41707b883a6246cc74250

SHA256
80137b6a65214a6784427c92526887b171801238d2e715ee8de69624ad815a1d

SHA512
13939e26f9391286dd990518ba9b5e4e46a9113b0b98c7983586b3aee21482d89abc78a81917a958c21e2ebbcbfb00168dbc28aaf2430f1c2a4a21dbca1dd7c0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c4173b725189a0a2eb3928db659e1f88

SHA1
8a697d7894801d989c5351b700d4f4e526c19fe6

SHA256
421e98c7c99d9745a12c1ce92347985882b69c1eb644008f3b9faeaf176e1ac2

SHA512
b07130bbf1d4c32a42400ed0bc4b498df9889379745875b561ffcbb54e36e43f07845b5f8a24d421be325fc7f09fb7d1a74b83a573b9e717cee459ff31b8953d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e2090a857b4ddf764f4661d89f507de1

SHA1
dd9f2c11bcb59002b54441383e76ebbc1eff949f

SHA256
209c4486e28d195d84daf188df17f0054b19a88efc99735a868218e9a9b0d03f

SHA512
f4baa6360092f7aeeb803f8d5d152808b3972aaf9f10cc3156333f3e1b1af5d8529b8d23f106f848a61d912178f84513a47a9eea1f006896dfe520cec5372385

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b2eac580cadf42b001031788b762d8d7

SHA1
3d535237b2e996e7ad6cf323c076810a92c6b920

SHA256
c622e1c0acf45ea17811776d2d1d63e1ac1be511fdf62900ac88064f3609adb1

SHA512
d0e8922dce65818dc2d68acfd571712ca15bebb39857bbff0bd9d89e2015bc5e1deaaa9c3465091c482e4eebe3011f45006ffb5c5183da2a968725f29ad3ecd4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ddd0f558a102b72d0aa47f1ef658aaa2

SHA1
d4f74e9b4637d48bb05ee74251e7255ed4fe2b9e

SHA256
c44bdc7b02bb277248bac99a210f13f002480d9e517f3b5696e0d03507ffe4cc

SHA512
348b2e2fd3c7d661a60e649761b5b7584b8731a3e34b3d22377d8e8cc78cf973b328113e9fc195cb27845e3d48a692d4dd7129f75823b9751047bfb230b6082b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a5494f8e8f05431226f2c708e2398183

SHA1
4b3bfef84637333ba219aee7155e9c25b8de9fbb

SHA256
080f525528f1be16ab2a94694bb15ea3f064a148bb98cf294e7d9330ecbe7822

SHA512
85565332ffbe8c95b27f3c2f126bf9b1f82fa8f3c9f856811b04c32282c2d60d488b5602c55540ed9f694796786d42ed02268f8ef63fdaf567d20f147a00094b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2136ce13ad6447ecbcf743046a9efe3d

SHA1
3ba6a913d6e6d7054881b9094fb27befe710032a

SHA256
cb00a196f05a65f9dfb2f3deb12cdf91aa9a3c2a5520f7aa55ce3b0381b9cedf

SHA512
af398cc2ecf4df3c0b56d9e83067a338c883ae9a89447e2015681217ce473f381d2c41fc5bb70d15200b4b2b84f428cc132de32536c7b0270d39d5bf18eac9d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fd33799cd2b181a49153a8a4184b80fd

SHA1
9b5e6aba91b230e9b9abd8c2388fdae99330e164

SHA256
9313490f987ead48090f9705159f24891d6c84d08efd915a67d2dde5172e7944

SHA512
3ef18b423dc6dbc7a46ce9a9dc85874e4d7ecd0148e0c8c9d50673a03e2b30879004564b0231b2f4c65310c1734623014d0366277300a13be8fffb26ea32adec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
f6fef49d61da6141710f4768baf20b76

SHA1
c15651299b706dd661b8e06244ffcc37f74c131e

SHA256
a4a894455bea7c03de723120fe445d2f468a23febac8fad6559f6fd779be0873

SHA512
0cc88d6547fa5d271c2b9a2a56048f8d56568944dd5701d897b8fa76e3361e63204144c694766b8cc8eb6b5294b87f7d2ae237874eb79f88b42a6b47e7e1ada4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e91e09c3e345945169d117be3498a0ae

SHA1
76c107d0a11661c1fbec781f104ff71fefb1bd01

SHA256
0019d4200283f271b0171534e0fabb2531a851b2ab4f3a412a32ff5eef739e26

SHA512
d694e2caceaa676e39c44ae762a6e3b6d375108f41202e4e2aaa2ca318de1dd5a4cc9ef2566501f99163667273a8002b49dcc29bb5114176383eb6ae5f1a2a1f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5679f5b284fc154b1b4f82baef4bd9ee

SHA1
b2c118f9c75ebaca8aef01673c01aa92b2e2826b

SHA256
0fc4fefa8e5d032d5b0b84121efc212a59f6d9d1aa7295617829eb2b7a52b4fc

SHA512
e74b35b5a63fe9e1b9645031c531f962bf03a6e6de0ee9f930101094b5886819961200291db4e4fdd0f92848a158634d1fc74ba8e65539b729b6bb0fb49c0756

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b1ff00a2d1a90b316045d8bd987e190e

SHA1
e71d65d34736a64e2c4edd55de6f0aa9be1a3946

SHA256
f809b04e0fb9ba5274ae4f4a40804b350a076ad8a9f2856193398c3c1e746a92

SHA512
4c923c8c739470a54a7c9e5b17518f683512482725fcb7f66d528532ad0b2cdf8d0889eb094e38a48433ce1959572be1e1026f0b3aff9bce10a4347d94a32601

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
54fe652d9026bb171f06eaa73b26bb42

SHA1
63a6c6fed089ea4539dff227ede8198138549964

SHA256
499e8772acd0acc31d3172eb8f901c463e1a60726dd34191b73be511586a3a18

SHA512
043f962ba23ca150ef533c72b4f94c0c0d5e1497031e1e39fbe54d9072d1b9bb2c7c5263683535cd8cb229fcbdf711311a21dccbcd56347f7e97ac403f9b606b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E1IWGZ4\412[1].htm

Filesize
179B

MD5
2e80ba8bff71b4ebd5dd91a33801ec28

SHA1
890ebf3f1d92bd251109723245c3c2c91654f04b

SHA256
e229871f7c4a5d8d85827f811549a3e72246c75a5580b80084795794655741d8

SHA512
bb64a50c727fd050ff1b4f61952ecf7e3392fb13fe9a55c8bc52d7fc681850cc32ee44fb2a9d5cab2742130048eca3f8b189d5489e511b26096d5074f827e170

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabCFB0.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarCFE2.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit